Eric Lee / smarc-ti-linux-kernel | Embedian Git Server

19 Feb, 2013

1 commit

9a5467bf7 crypto: user - fix info leaks in report API ... Browse Code »

Three errors resulting in kernel memory disclosure:

1/ The structures used for the netlink based crypto algorithm report API
are located on the stack. As snprintf() does not fill the remainder of
the buffer with null bytes, those stack bytes will be disclosed to users
of the API. Switch to strncpy() to fix this.

2/ crypto_report_one() does not initialize all field of struct
crypto_user_alg. Fix this to fix the heap info leak.

3/ For the module name we should copy only as many bytes as
module_name() returns -- not as much as the destination buffer could
hold. But the current code does not and therefore copies random data
from behind the end of the module name, as the module name is always
shorter than CRYPTO_MAX_ALG_NAME.

Also switch to use strncpy() to copy the algorithm's name and
driver_name. They are strings, after all.

Signed-off-by: Mathias Krause
Cc: Steffen Klassert
Signed-off-by: Herbert Xu

Mathias Krause
2013-02-19 20:27:03 +0800

02 Apr, 2012

1 commit

6662df33f crypto: Stop using NLA_PUT*(). ... Browse Code »

These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller

David S. Miller
2012-04-02 16:33:42 +0800

11 Nov, 2011

1 commit

3acc84739 crypto: algapi - Fix build problem with NET disabled ... Browse Code »

The report functions use NLA_PUT so we need to ensure that NET
is enabled.

Reported-by: Luis Henriques
Signed-off-by: Herbert Xu

Herbert Xu
2011-11-11 06:57:06 +0800

21 Oct, 2011

1 commit

a55465dca crypto: Add userspace report for pcompress type algorithms ... Browse Code »

Signed-off-by: Steffen Klassert
Signed-off-by: Herbert Xu

Steffen Klassert
2011-10-21 20:24:06 +0800

14 Jul, 2009

1 commit

2ca33da1d crypto: api - Remove frontend argument from extsize/init_tfm ... Browse Code »

As the extsize and init_tfm functions belong to the frontend the
frontend argument is superfluous.

Signed-off-by: Herbert Xu

Herbert Xu
2009-07-14 12:58:15 +0800

02 Jun, 2009

1 commit

2f6ceb793 crypto: pcomp - pcompress.c should include crypto/internal/compress.h ... Browse Code »

make C=1:
| crypto/pcompress.c:77:5: warning: symbol 'crypto_register_pcomp' was not declared. Should it be static?
| crypto/pcompress.c:89:5: warning: symbol 'crypto_unregister_pcomp' was not declared. Should it be static?

Signed-off-by: Geert Uytterhoeven
Signed-off-by: Herbert Xu

Geert Uytterhoeven
2009-06-02 12:04:20 +0800

04 Mar, 2009

1 commit

a1d2f0954 crypto: compress - Add pcomp interface ... Browse Code »

The current "comp" crypto interface supports one-shot (de)compression only,
i.e. the whole data buffer to be (de)compressed must be passed at once, and
the whole (de)compressed data buffer will be received at once.
In several use-cases (e.g. compressed file systems that store files in big
compressed blocks), this workflow is not suitable.
Furthermore, the "comp" type doesn't provide for the configuration of
(de)compression parameters, and always allocates workspace memory for both
compression and decompression, which may waste memory.

To solve this, add a "pcomp" partial (de)compression interface that provides
the following operations:
- crypto_compress_{init,update,final}() for compression,
- crypto_decompress_{init,update,final}() for decompression,
- crypto_{,de}compress_setup(), to configure (de)compression parameters
(incl. allocating workspace memory).

The (de)compression methods take a struct comp_request, which was mimicked
after the z_stream object in zlib, and contains buffer pointer and length
pairs for input and output.

The setup methods take an opaque parameter pointer and length pair. Parameters
are supposed to be encoded using netlink attributes, whose meanings depend on
the actual (name of the) (de)compression algorithm.

Signed-off-by: Geert Uytterhoeven
Signed-off-by: Herbert Xu

Geert Uytterhoeven
2009-03-04 15:05:33 +0800